
Passwords..... Could you be hacked?

bee0hio
12 years ago

The #1 most commonly used password is "123456", and the 4th most common is "Password."

Which of the following two passwords is stronger,

more secure, and more difficult to crack?

D0g.....................

PrXyc.N(n4k77#L!eVdAfp9

.

.
.

.
.

.
.

.

You probably know this is a trick question, but the answer is: Despite the fact that the first password is HUGELY easier to use and more memorable, it is also the stronger of the two! In fact, since it is one character longer and contains uppercase, lowercase, a number and special characters, that first password would take an attacker approximately 95 times longer to find by searching than the second impossible-to-remember-or-type password!

I heard computer security expert Steve Gibson on the radio discussing passwords. The LENGTH of your password has a lot to do with how secure & safe from hackers it is. He says you can make your password very simple, BUT add your own special "padding"... a mixture of characters unique for you, such as <.><..> or /?/?/ or whatever you want that you'll easily remember.

And contrary to popular belief, it isn't necessary to continually change your password if you have a strong, safe password.

Lots of really good info on this website. Note: if you practice, he suggests you use something "similar" to your passwords, not the exact password itself.

Here is a link that might be useful: How big is your haystack... and how well hidden is YOUR needle?
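
The search-space arithmetic behind the "95 times longer" figure, as an added example that is not part of the original post or the linked page. It counts candidates for a blind exhaustive search over the 95 printable ASCII characters, then recounts under a padding-aware attacker model; that model (`padded_space`, one symbol repeated up to 32 times after a short core) is an assumption made here for illustration.

```python
import string

# Printable-ASCII character classes; the symbol class includes the space.
CLASSES = (
    string.ascii_lowercase,        # 26
    string.ascii_uppercase,        # 26
    string.digits,                 # 10
    string.punctuation + " ",      # 33
)

EASY = "D0g" + "." * 21            # 24 characters, from the post
HARD = "PrXyc.N(n4k77#L!eVdAfp9"   # 23 characters, from the post


def alphabet_size(password):
    """Total size of every character class the password draws from."""
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in password))


def brute_force_space(password):
    """Candidates in an exhaustive search of all lengths up to len(password)."""
    n = alphabet_size(password)
    return sum(n ** k for k in range(1, len(password) + 1))


def padded_space(core, max_pad=32):
    """Assumed attacker model (not from the page): exhaustive search of the
    short core, then one symbol repeated 0..max_pad times as padding."""
    pad_choices = 1 + len(string.punctuation) * max_pad
    return brute_force_space(core) * pad_choices


def report():
    """Compare the two passwords under both counting models."""
    blind_easy = brute_force_space(EASY)
    blind_hard = brute_force_space(HARD)
    return {
        "alphabet": (alphabet_size(EASY), alphabet_size(HARD)),
        "blind_ratio_easy_over_hard": blind_easy // blind_hard,
        "padding_aware_easy": padded_space("D0g"),
        "hard_over_padding_aware_easy": blind_hard // padded_space("D0g"),
    }


if __name__ == "__main__":
    for name, value in report().items():
        print(name, value)
```

The blind count reproduces the factor of 95, while the padding-aware count for the same password is only a few hundred million candidates, which is why the padding scheme has to be one an attacker does not anticipate.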

Comments (12)

  • rosemaryt
    12 years ago

    My email and facebook accounts have been hacked several times. There are viruses out there that capture your keystrokes and report back to whomever with that information.

    I run anti-virus updates and scans once a day now, and change passwords every few months (if not more often).

    Once you've been hacked, it makes you realize that you'd better get busy and do something about your passwords.

    Rose

  • wildchild
    12 years ago

    Steve Gibson is considered a bit of a fraud in the real world of Internet Security.

    He uses buzzwords and gives out just enough information/misinformation to panic people or convince them he is knowledgeable about security.

    Basically he sells stuff. Like the Ronco man or an Oprah "expert".

    I'd have to look it up but I don't even think he got into "security" until the 90s. He's quite a joke amongst the "hacker" community.

  • schoolhouse_gw
    12 years ago

    My SO died six years ago this November. Beginning about four months ago, I started getting email messages from his email address. The message was usually just "Click this link". At first it startled me but I quickly assumed it was a spammer and deleted any other messages that came in. I called my server to see just how something like that could happen and she said someone probably hacked AOL (his server) at some point. There is really nothing she could (or wanted) to do about it. All I can say is it's a weird feeling to see that email alert with his name on it. Plus, I'm not the only one getting "his" messages - in the Cc field are addresses of all our mutual friends! One has questioned me about them, she started to get them before I did.

  • anne_ct
    12 years ago

    Here's a MS site that will help you create an acceptable/strong password. In the left hand margin there's a link for testing any password you might create to see if it's strong enough. This site is safe and very helpful. I've been using it for years to make sure my passwords are strong enough...especially when I'm low on "imagination".

    Anne

    Here is a link that might be useful: Passwords

  • anne_ct
    12 years ago

    LOL Well...between the time I copied the link for that page and posted it here...MS updated the page. The testing site link is referenced in the middle of the page rather than the left-hand margin. Sorry 'bout that.

    Anne

  • ravencajun Zone 8b TX
    12 years ago

    Steve Gibson is a serious tech expert and is on many shows, including great podcasts with Leo Laporte; he is in no way a fake. He is highly recognized for his work and his programs. His program SpinRite is used by hundreds of people.
    His entire website is a wonderful resource and I have recommended it to many. If you want to see how well your firewall is doing, he has a super test on his website, Shields Up, which is FREE.

    The important thing to note in the given example is that the dots after D0g are part of the password. I think this part of his explanation from that page is an essential part to understand.
    "One Important Final Note
    The example with "D0g....................." should not be taken literally because if everyone began padding their passwords with simple dots, attackers would soon start adding dots to their guesses to bypass the need for full searching through unknown padding. Instead, YOU should invent your own personal padding policy. You could put some padding in front, and/or interspersed through the phrase, and/or add some more to the end. You could put some characters at the beginning, padding in the middle, and more characters at the end. And also mix-up the padding characters by using simple memorable character pictures like "" or "[*]" or "^-^" . . . but do invent your own!

    If you make the result long and memorable, you'll have super-strong passwords that are also easy to use! "

    Here is the link to his page. If you spend time on his pages, I guarantee you will learn plenty. In fact, he has a ton of free programs he offers on his site; the only one he actually has for sale is SpinRite!
    I am not sure what "hackers" think of him but every serious security or technical computer person knows of Steve Gibson and has at one time or another used some of his great freeware and been to his site to use his shields up tester.
    He and Leo Laporte are 2 of the top tech people I listen to, they have regular podcasts, and watch often and would love to meet. I personally do consider him an expert in computer security and have learned a lot from both of those guys.

    weekly audio security column & podcast by Steve Gibson and Leo Laporte

    Here is a link that might be useful: SteveGibson freeware

  • vala55
    12 years ago

    I find using numbers and letters I am familiar with helps me remember, old house numbers for example, mixed with a name. I would not use your real name, but the name of a neighbor, favorite teacher any name you like. Mix them with the numbers in any order that you can remember.

  • Jasdip
    12 years ago

    I just put one capital letter and one number. For example a 5 for an S, etc.

    I read once that if you place your fingers one key to the right, and type your password, it makes a nice jumble.
    e.g. the word "password" becomes [sddeptf

  • wildchild
    12 years ago

    Leo Laporte is a journalist. Steve Gibson is a software guy.

    He is by no stretch of the imagination a security expert. He can call himself one...doesn't make him one.

    The hackers who mock him are not kids in a basement. They are true security experts. The ones who the Feds go to for advice. The ones who come up with the algorithms. The advice in the article isn't bad advice, just doesn't go far enough. Actually it advises teen hacker in basement to add some symbols to his algorithm software.

    You won't hear his name at DefCon, that's for sure.
    He obviously doesn't understand the depth of the tools of the trade available to even the young novice hacker.

    Gibson is security "lite". Advice for the average home computer user. Same category as Dr. Phil and the great Oz. Sound bite experts.

    Here is a link that might be useful: Haystack Not So Great

  • ravencajun Zone 8b TX
    12 years ago

    Well, I will just have to agree to disagree. I have learned very much from both of them, as have many others at the pro support forums I work on, real support security people. In fact, Steve is on several of the same forums I am on; exceptionally nice man.
    I would never disparage anyone who has had so much success and support in the community, and cannot even imagine anyone saying Steve is not a security expert.
    We regularly recommend his SpinRite program on the computer help forum and on many other forums I work on, along with many of his awesome free programs and Shields Up.

    Calling Leo Laporte only a journalist?? He is an award-winning journalist, but he is way more than that. What he has done for introducing technology, and bringing it to the people, is impressive to say the least, and his TV shows had big fan bases. He has had many, many great TV shows that have produced and spun off so many great talents in the industry.
    Tech TV was amazingly popular and a wonderful and informative show; it was a haven for those new to computers and needing help. The call for help section was massively successful. I for one was very disappointed when the network was taken over by the gamers channel. But I continue to watch and support them through the podcasts and online shows.

    I do not go to DefCon. I'm not a follower of many hackers' blogs either, sorry.

    But in all my years of work in this field I have heard repeatedly favorable things about Steve and Leo. And I have definitely been with some people that know them and the industry.

    Steve has done work in computer programming and security for many, many years. If you are just centering in on haystack, that would be like judging an author who has had many award-winning books by just one paragraph in their latest that you don't like. Haystack and rainbow tables et al. are topics of discussion everywhere, for and against, pros and cons.
    His volume of work over the years has been extremely impressive. He is without doubt an accomplished programmer; his many programs and works are proof of that, so no denying that aspect. I have to recognize and support those that have gone before and forged the way for where we are today; whether I like them or not is irrelevant. I would do the same for someone I was not fond of. Do some people dislike him? I am sure there are; pretty much everyone has fans and non-supporters, to put it nicely. I judge by actuality and body of work, much of which I have seen at work and know it is real and works.

    Everyone has an opinion; that is how I base mine, and would hope others do the same. Makes for a varied and diversified world.

  • monica_pa Grieves
    12 years ago

    Yes, he's the "Oprah" of system security. Good salesman, tho.

  • rosemaryt
    12 years ago

    Schoolhouse, same thing happened to me. One of my dearest friends on this earth died in 2008, and in 2009, I started getting emails from him. Freaked me out, but like you said, the emails were links to malicious sites.

    There are some evil people in this world, and sadly, some of them are true geniuses.

    Rose